Cheat Sheet

This is a quick “cheat sheet” for myself…

Regular Expressions (Regex)

  • inverse match (i.e. match only when substring not found
    • ((?!substring).)*

Windows Shell/Command Prompt

  • future use

Linux Shell/Command Prompt

  • delete all files of a specific name/pattern in current and any sub-directories (without confirmation)
    • find . -name "<filename>" -type f -delete
  • quickly (and temporarily) mount a SMB share
    • mount -t cifs //<server>/<share> <mount point> -o rw,username='<username>',password='<password>'

Python

  • generate TOTP given seed:
    • python -c "import pyotp;print(pyotp.TOTP('seed').now())"

pyenv

Python version management tends to be a PitA, so here’s some quick cheats:

    • install pyenv:
      • apt install pyenv
    • install pyenv-virtualenv:
      • git clone https://github.com/pyenv/pyenv-virtualenv.git $(pyenv root)/plugins/pyenv-virtualenv
    • list available python versions for pyenv:
      • pyenv install --list
    • install specific python version for pyenv:
      • pyenv install <version>
    • create specific virtualenv with specific python version:
      • pyenv virtualenv <version> <venv name>
    • show pyenv versions available:
      • pyenv versions
    • set the current directory to use a specific virtualenv:
      • pyenv local <venv name>
    • reset the current directory to use default/system version:
      • pyenv local system
    • set “global” python version:
      • pyenv global <version>

ffmpeg

  • extract specific portions of video w/o re-encoding:
    • ffmpeg -i <input> -ss <seek timestamp> -t <duration> <output>
      • -ss <seek timestamp>: the timestamp (in h:m:s.ss format) to start from
      • -t <duration>: the duration of the extracted clip (in h:m:s.ss format)
      • note that multiple -ss <seek timestamp> -t <duration> <output> can be appended to do multiple extractions in one pass
  • remove embedded closed captions from video stream (e.g. example ffprobe output below):
    • ffmpeg -i <input> -c copy -bsf:v 'filter_units=remove_types=6' <output> 
        Stream #0:0(und): Video: h264 (High) (avc1 / 0x31637661), yuv420p, 1920x1072 [SAR 1:1 DAR 120:67], Closed Captions, 2150 kb/s, 23.98 fps, 23.98 tbr, 24k tbn, 47.95 tbc (default)   Metadata:     handler_name : VideoHandler     vendor_id : [0][0][0][0]
  • removing or re-ordering audio and subtitle tracks:
    • ffmpeg -i <input> -map 0:v:0 -map 0:a:<index> -map 0:s:<index> -c copy <output> (assuming only single input and single video stream, all <source> entries for the -map <source>:<type>:<index> parameters is always 0)
      • -map 0:a:<index>zero-based index of the audio track (i.e. even if multiple audio streams exist, and/or the first audio track is stream #0:n, the first audio track’s index is still0); multiple entries can be used, with the new order based on the order the -map parameter appears
      • -map 0:s:<index>zero-based index of the subtitle track (i.e.even if multiple subtitle streams exist, and/or the first subtitle track is stream #0:n, the first audio track’s index is still0); multiple entries can be used, with the new order based on the order the -map parameter appears
      • any un-mapped streams will be ommitted in the output (i.e. if you left out the -map 0:v:0, there will be no video stream)
  • removing or switching default audio and subtitle tracks:
    • ffmpeg -i <input> -c copy <output> -dispositions:<type>:<index> 0 -dispositions:<type>:<index> default <output>
      • -dispositions:<type>:<index> 0: remove stream <index> as the default stream for <type>
      • -dispositions:<type>:<index> default: set stream <index> as the default stream for <type>
      • note that the <index> is based on the output streams  order (e.g. if placed after other -map parameters)
  • merging a single separate audio and video stream:
    • ffmpeg -i <audio stream input> -i <video stream input> -c copy <output>
      • note that this assumes both streams have the same duration

OpenSSL

  • encode a string using AES and a password:
    • echo -n "<string>" | openssl enc -e -pbkdf2 -aes-256-cbc -a -nosalt
  • decode an AES-encoded string (from above) using a password:
    • echo -n "<encryptedstring>" | openssl enc -d -pbkdf2 -aes-256-cbc -a -nosalt

SSL/TLS Certificates and Server Connections

The following section/s shows some commands to obtain the data as per section heading.

  • grabbing certificate chain
    • openssl s_client -showcerts -connect <server:port>
  • testing TLS version
    • openssl s_client -connect <server:port> [ -tls1 | -tls1_1 | -tls1_2 | -tls1_3 ]
    • empty result likely shows the server does not support said TLS version, example:
% openssl s_client -connect localhost:443 -tls1_3
CONNECTED(00000003)
closed
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 241 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
  • testing accepted ciphers
    • nmap -script ssl-enum-ciphers -p <port> <server>
  • testing for EV (Extended Validation) certificates
    • run the following command to retrieve the OIDs from the Policy:
      • echo | openssl s_client -connect www.globalsign.com:443 2>&1 | openssl x509 -noout -ext certificatePolicies
    • subsequently, taking the OID, check with either:
      • http://oid-info.com/get/<OID> or
      • https://oidref.com/<OID less last decimal/leaf node>
    • examples: